Re: [Full-disclosure] [ANN] Struts 2.3.16.1 GA release available - security fix

Tim Thu, 06 Mar 2014 09:02:34 -0800

> This release includes important security fixes:
> - S2-020 - ClassLoader manipulation via request parameters


What is the ultimate impact of this manipulation?  Another RCE bug?

tim

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: [Full-disclosure] [ANN] Struts 2.3.16.1 GA release available - security fix

Reply via email to